| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * Change password vmailmgrd backend |
| 5 | * |
| 6 | * Backend won't work, if vmail.inc file is not included. vmail.inc file |
| 7 | * should be part of your vmailmgr install. In some cases it is included in |
| 8 | * separate package. |
| 9 | * |
| 10 | * If you use modified vmail.inc, it must provide vchpass() function that |
| 11 | * acts same way as stock (vmailmgr v.0.96.9) vmail.inc function call |
| 12 | * and other vmail.inc functions should use same $vm_tcphost and |
| 13 | * $vm_tcphost_port globals as used by stock vm_daemon_raw() function call. |
| 14 | * If you have heavily modified vmail.inc and this backend does not work |
| 15 | * correctly - recheck, if you can reproduce your problem with stock |
| 16 | * vmail.inc or adjust backend configuration for your site. |
| 17 | * |
| 18 | * Backend also needs vmailmgrd service. You can find information about |
| 19 | * installing this service in vmailmgr FAQ and vmailmgrd.html. |
| 20 | * |
| 21 | * Backend might require functions, that are available only in SquirrelMail |
| 22 | * v.1.5.1 and v.1.4.4. |
| 23 | * |
| 24 | * @author Tomas Kuliavas <tokul at users.sourceforge.net> |
| 25 | * @copyright 2005-2018 The SquirrelMail Project Team |
| 26 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
| 27 | * @version $Id$ |
| 28 | * @link http://www.vmailmgr.org vmailmgr site |
| 29 | * @package plugins |
| 30 | * @subpackage change_password |
| 31 | */ |
| 32 | |
| 33 | /* Default backend configuration */ |
| 34 | |
| 35 | /** |
| 36 | * path to vmail.inc |
| 37 | * |
| 38 | * This variable must provide full path to vmail.inc file including filename. |
| 39 | * |
| 40 | * WARNING: Don't disable this variable. It must be set to correct value or |
| 41 | * to empty string. If variable is missing, backend can have security problems |
| 42 | * in some PHP configurations. |
| 43 | * @global string $vmail_inc_path |
| 44 | */ |
| 45 | global $vmail_inc_path; |
| 46 | $vmail_inc_path=''; |
| 47 | |
| 48 | /** |
| 49 | * address of vmailmgrd host. |
| 50 | * |
| 51 | * Leave it empty, if you want to use unix socket |
| 52 | * global is used by vmail.inc functions |
| 53 | * @global string $vm_tcphost |
| 54 | */ |
| 55 | global $vm_tcphost; |
| 56 | $vm_tcphost=''; |
| 57 | |
| 58 | /** |
| 59 | * port of vmailmgrd |
| 60 | * |
| 61 | * global is used by vmail.inc functions. |
| 62 | * @global integer $vm_tcphost_port |
| 63 | */ |
| 64 | global $vm_tcphost_port; |
| 65 | $vm_tcphost_port=322; |
| 66 | |
| 67 | /** |
| 68 | * Option that controls use of 8bit passwords |
| 69 | * Use of such passwords is not safe, because squirrelmail interface |
| 70 | * can be running in different charsets. |
| 71 | * @global boolean |
| 72 | */ |
| 73 | global $cpw_vmailmgrd_8bitpw; |
| 74 | $cpw_vmailmgrd_8bitpw=false; |
| 75 | |
| 76 | /* end of backend configuration */ |
| 77 | |
| 78 | /** load configuration from config.php */ |
| 79 | if ( isset($cpw_vmailmgrd) && is_array($cpw_vmailmgrd) && !empty($cpw_vmailmgrd) ) { |
| 80 | if (isset($cpw_vmailmgrd['vmail_inc_path'])) |
| 81 | $vmail_inc_path=$cpw_vmailmgrd['vmail_inc_path']; |
| 82 | if (isset($cpw_vmailmgrd['vm_tcphost'])) |
| 83 | $vm_tcphost=$cpw_vmailmgrd['vm_tcphost']; |
| 84 | if (isset($cpw_vmailmgrd['vm_tcphost_port'])) |
| 85 | $vm_tcphost_port=$cpw_vmailmgrd['vm_tcphost_port']; |
| 86 | if (isset($cpw_vmailmgrd['8bitpw'])) |
| 87 | $cpw_vmailmgrd_8bitpw=$cpw_vmailmgrd['8bitpw']; |
| 88 | } |
| 89 | |
| 90 | |
| 91 | /** |
| 92 | * Init change_password plugin hooks. |
| 93 | */ |
| 94 | global $squirrelmail_plugin_hooks; |
| 95 | $squirrelmail_plugin_hooks['change_password_dochange']['vmailmgrd'] = |
| 96 | 'cpw_vmailmgrd_dochange'; |
| 97 | $squirrelmail_plugin_hooks['change_password_init']['vmailmgrd'] = |
| 98 | 'cpw_vmailmgrd_init'; |
| 99 | |
| 100 | |
| 101 | /** |
| 102 | * Use this function to do any backend-specific initialisation, |
| 103 | * e.g. checking requirements, before the password change form |
| 104 | * is displayed to the user. |
| 105 | */ |
| 106 | function cpw_vmailmgrd_init(){ |
| 107 | global $vmail_inc_path, $username, $oTemplate; |
| 108 | |
| 109 | if ($vmail_inc_path=='' || ! file_exists($vmail_inc_path)) { |
| 110 | // $vmail_inc_path is not set or file does not exist |
| 111 | error_box(_("Incorrent path to vmail.inc file.")); |
| 112 | // close html and stop script execution |
| 113 | $oTemplate->display('footer.tpl'); |
| 114 | exit(); |
| 115 | } |
| 116 | |
| 117 | include_once($vmail_inc_path); |
| 118 | |
| 119 | if (! function_exists('vchpass')) { |
| 120 | // included vmail.inc does not have required functions. |
| 121 | error_box(_("Invalid or corrupted vmail.inc file.")); |
| 122 | // close html and stop script execution |
| 123 | $oTemplate->display('footer.tpl'); |
| 124 | exit(); |
| 125 | } |
| 126 | |
| 127 | if (! preg_match("/(.*)\@(.*)/", $username)) { |
| 128 | // username does not match vmailmgr syntax |
| 129 | error_box(_("Invalid user.")); |
| 130 | // close html and stop script execution |
| 131 | $oTemplate->display('footer.tpl'); |
| 132 | exit(); |
| 133 | } |
| 134 | } |
| 135 | |
| 136 | |
| 137 | /** |
| 138 | * function used to change password in change_password plugin hooks. |
| 139 | * |
| 140 | * @param array $data The username/curpw/newpw data. |
| 141 | * @return array Array of error messages. |
| 142 | */ |
| 143 | function cpw_vmailmgrd_dochange($data) |
| 144 | { |
| 145 | global $cpw_vmailmgrd_8bitpw; |
| 146 | |
| 147 | /** |
| 148 | * getting params from hook function. |
| 149 | */ |
| 150 | $username = $data['username']; |
| 151 | $curpw = $data['curpw']; |
| 152 | $newpw = $data['newpw']; |
| 153 | |
| 154 | $msgs = array(); |
| 155 | |
| 156 | // check for new 8bit password |
| 157 | if (! $cpw_vmailmgrd_8bitpw && sq_is8bit($newpw)) { |
| 158 | // 8bit chars in password when backend is configured to block them |
| 159 | array_push($msgs,CPW_INVALID_PW); |
| 160 | return $msgs; |
| 161 | } |
| 162 | |
| 163 | // extract username and domain |
| 164 | if (preg_match("/(.*)\@(.*)/", $username, $parts)) { |
| 165 | $vm_user=$parts[1]; |
| 166 | $vm_domain=$parts[2]; |
| 167 | } |
| 168 | |
| 169 | // check if old password matches |
| 170 | $vmgrd_response1 = cpw_vmailmgrd_passwd($vm_user,$vm_domain,$curpw,$curpw); |
| 171 | if ($vmgrd_response1[0]!=0) { |
| 172 | array_push($msgs, CPW_CURRENT_NOMATCH); |
| 173 | return $msgs; |
| 174 | } |
| 175 | |
| 176 | // change password |
| 177 | $vmgrd_response2 = cpw_vmailmgrd_passwd($vm_user,$vm_domain,$curpw,$newpw); |
| 178 | if ($vmgrd_response2[0]!=0) { |
| 179 | // TODO: add vmail.inc error message parser. |
| 180 | array_push($msgs, cpw_i18n_vmail_response($vmgrd_response2[1])); |
| 181 | } |
| 182 | |
| 183 | return $msgs; |
| 184 | } |
| 185 | |
| 186 | /** |
| 187 | * function that calls required vmail.inc functions and returns error codes. |
| 188 | * |
| 189 | * Information about vmailmgr return codes. |
| 190 | * vmailmgr functions return array with two keys. |
| 191 | * Array( |
| 192 | * [0] => error code, integer (0=no error) |
| 193 | * [1] => error message, string |
| 194 | * ) |
| 195 | * @return array |
| 196 | */ |
| 197 | function cpw_vmailmgrd_passwd($user,$domain,$oldpass,$newpass) { |
| 198 | global $vmail_inc_path; |
| 199 | |
| 200 | // variable should be checked by cpw_vmailmgrd_init function |
| 201 | include_once($vmail_inc_path); |
| 202 | |
| 203 | return vchpass($domain,$oldpass,$user,$newpass); |
| 204 | } |
| 205 | |
| 206 | /** |
| 207 | * Function is used to translate messages returned by vmailmgr |
| 208 | * php library and vmailmgr daemon. |
| 209 | * @param string $string vmailmrgd message. |
| 210 | * @return string translated string. |
| 211 | */ |
| 212 | function cpw_i18n_vmail_response($string) { |
| 213 | if ($string=='Empty domain') { |
| 214 | // block one: vchpass responses |
| 215 | $ret = _("Empty domain"); |
| 216 | } elseif ($string=='Empty domain password') { |
| 217 | $ret = _("Empty domain password"); |
| 218 | } elseif ($string=='Empty username') { |
| 219 | $ret = _("Empty username"); |
| 220 | } elseif ($string=='Empty new password') { |
| 221 | $ret = _("Empty new password"); |
| 222 | /* |
| 223 | * block is disabled in order to reduce load on translators. |
| 224 | * these error messages should be very rare. |
| 225 | } elseif ($string=='Invalid or unknown base user or domain') { |
| 226 | // block two: vmailmgr daemon strings |
| 227 | $ret = _("Invalid or unknown base user or domain"); |
| 228 | } elseif ($string=='Invalid or unknown virtual user') { |
| 229 | $ret = _("Invalid or unknown virtual user"); |
| 230 | } elseif ($string=='Invalid or incorrect password') { |
| 231 | $ret = _("Invalid or incorrect password"); |
| 232 | } elseif ($string=='Unknown operation to stat') { |
| 233 | $ret = _("Unknown operation to stat"); |
| 234 | } elseif (preg_match("/^Incorrect number of parameters to command (.+)/",$string,$match)) { |
| 235 | $ret = sprintf(_("Incorrect number of parameters to command %s"),$match[1]); |
| 236 | } elseif (preg_match("/^Invalid or unknown domain name: (.+)/",$string,$match)) { |
| 237 | $ret = sprintf(_("Invalid or unknown domain name: %s"),$match[1]); |
| 238 | } elseif ($string=='Invalid operation') { |
| 239 | $ret = _("Invalid operation"); |
| 240 | } elseif (preg_match("/^Invalid or unknown base user name: (.+)/",$string,$match)) { |
| 241 | $ret = sprintf(_("Invalid or unknown base user name: %s"),$match[1]); |
| 242 | } elseif ($string=='Invalid or incorrect password') { |
| 243 | $ret = _("Invalid or incorrect password"); |
| 244 | } elseif ($string=='Base user has no virtual password table') { |
| 245 | $ret = _("Base user has no virtual password table"); |
| 246 | } elseif ($string=='Failed while writing initial OK response') { |
| 247 | $ret = _("Failed while writing initial OK response"); |
| 248 | } elseif ($string=='Failed while writing list entry') { |
| 249 | $ret = _("Failed while writing list entry"); |
| 250 | } elseif ($string=='Internal error -- userpass && !mustexist') { |
| 251 | $ret = _("Internal error -- userpass && !mustexist"); |
| 252 | } elseif ($string=='Invalid or unknown base user or domain') { |
| 253 | $ret = _("Invalid or unknown base user or domain"); |
| 254 | } elseif ($string=='Incorrect password') { |
| 255 | $ret = CPW_INVALID_PW; |
| 256 | } elseif ($string=='User name does not refer to a virtual user') { |
| 257 | $ret = _("User name does not refer to a virtual user"); |
| 258 | } elseif ($string=='Invalid or unknown virtual user') { |
| 259 | $ret = _("Invalid or unknown virtual user"); |
| 260 | } elseif ($string=='Virtual user already exists') { |
| 261 | $ret = _("Virtual user already exists"); |
| 262 | } elseif ($string=='Timed out waiting for remote') { |
| 263 | $ret = _("Timed out waiting for remote"); |
| 264 | } elseif ($string=='Connection to client lost') { |
| 265 | $ret = _("Connection to client lost"); |
| 266 | } elseif ($string=="Couldn't decode the command string") { |
| 267 | $ret = _("Couldn't decode the command string"); |
| 268 | } elseif ($string=='Empty command string') { |
| 269 | $ret = _("Empty command string"); |
| 270 | } elseif ($string=='Error decoding a command parameter') { |
| 271 | $ret = _("Error decoding a command parameter"); |
| 272 | } elseif ($string=='read system call failed or was interrupted') { |
| 273 | $ret = _("read system call failed or was interrupted"); |
| 274 | } elseif ($string=='Short read while reading protocol header') { |
| 275 | $ret = _("Short read while reading protocol header"); |
| 276 | } elseif ($string=='Invalid protocol from client') { |
| 277 | $ret = _("Invalid protocol from client"); |
| 278 | } elseif ($string=='Short read while reading message data') { |
| 279 | $ret = _("Short read while reading message data"); |
| 280 | } elseif ($string=='Error writing response') { |
| 281 | $ret = _("Error writing response"); |
| 282 | */ |
| 283 | } else { |
| 284 | // return unknown strings |
| 285 | $ret = $string; |
| 286 | } |
| 287 | return $ret; |
| 288 | } |